On behalf of the team at NuHarbor Security, we would like to wish everyone a Safe & Secure National Cyber Security Awareness Month!
Sponsored by the National Cyber Security Division and the National Cyber Security Alliance, this month of awareness began in the year 2004 and is recognized every October in the United States. The month is devoted to cognizance of common security threats, how to limit organizational vulnerabilities, and advice to ensure the protection of sensitive and personal information. In December of 2015, President Obama worked with Congress to pass the Cybersecurity Act and is now dedicating his efforts to implementing the Cybersecurity National Action Plan. These two security initiatives encourage security best practices and offer tips on security in general.
A Year in Review
As we approach the year 2017, we look back to highlight the most common security threats of 2016. Here are some key risks to be aware of, and how to avoid them:
Ransomware
According to Symantec, ransomware has become one of the most dangerous cyber security threats facing organizations and consumers in the past year, with 28% of ransomware infections occurring in the United States. Ransomware is a form of malicious software designed to block access to a computer system until a ransom is paid to the anonymous attacker. In previous years, ransomware attacks have been sporadic and random in nature, however, just in the past year, evidence has shown that ransomware attackers are increasingly targeting businesses.
Ransomware attacks negatively impact businesses in a number of ways. For example, when dealing with attacks, businesses may be forced to shut down their systems to deal with the attack. This amounts to significant losses in terms of downtime costs, reputational damages, and stolen data. To avoid the immense damages that ransomware causes, businesses and consumers must take preventative measures to protect against ransomware attacks, like backing up files and network segmentation. In addition, according to Symantec, companies should focus on the security of email, downloads, and browsers to prevent ransomware attacks.
Phishing Attacks
Another threat that defined the cyber security landscape in 2016 was the prevalence of phishing attacks. In fact, the number of phishing incidents increased 250 percent from October 2015 to March of 2016 according to SC Magazine. Phishing attacks occur when cybercriminals attempt to steal sensitive information, like usernames and passwords, via email. Often times, these harmful emails are disguised as authentic messages sent from trusted companies. Phishing attacks are unique in the fact that they manipulate emotions to gain access to confidential information. In addition to important account credentials, phishing attacks often target sensitive information like financial data and social security numbers of customers and employees.
For businesses, proper employee training is key to avoiding phishing attacks. Often times, uninformed employees will fall for the tricks of cyber criminals and put their company at risk by unintentionally offering up company information to the criminal. As part of National Cyber Security Awareness Month, increase security awareness training for your employees by covering how to identify suspicious emails and verify the source of the email. A little bit of research goes a long way!
Identity Theft
Identity theft is often the outcome of cyber security attacks like phishing and ransomware. Identity theft is classified as the fraudulent acquisition and use of an individual’s private identifiable information. The number of U.S. data breaches resulting in identity theft reached 781 in 2015, with the number of personal records exposed reaching 169 million, according to the Insurance Information Institute. Personal information is typically stolen for financial gain, with 49.2% of stolen information being used to falsify government documents or benefits.
Consumers and businesses can follow simple steps to avoid identity theft through unique password creation for every site, shopping on reputable websites, and using anti-virus software to help strengthen the defense of your information.
So what are you waiting for? Take action and keep both you and your company safe by training your employees on security best practices! Feel free to contact us with any questions you may have about National Cyber Security Awareness Month and what you can do to avoid cyber security threats.
